Due to recent security changes, Microsoft has made security changes to how you are able to connect to the SMTP server for your Office 365 email.  

The below steps will walk you through setting up your Office 365 to be able to connect to third party email programs using an App Password.

PLEASE NOTE - This is a temporary fix. Microsoft will be disabling Basic Authentication on October 1, 2022, and will be enforcing modern authentication.  Our development team has been hard at work to meet the modern authentication protocols since Microsoft announced the change back in September 2021.

Make sure to follow each step below, skipping a step will result in a failure to connect.  These steps will need to be repeated for each employee you need to setup.

STEP 1 - Enable SMTP Authentication

Login at https://admin.microsoft.com/ or follow the steps below.

Log into Outlook with your Admin account https://outlook.office.com/mail/inbox

Click the dots in the Upper Left and then click on Admin.

Log in with your Admin credentials for Microsoft; if purchased Office 365 through GoDaddy, log in with your GoDaddy credentials. 

Logged in via Microsoft, click on User Management to proceed.

Logged in via GoDaddy, scroll down to ‘Users’ to continue.

Next click on ‘Manage’ next to the user you are currently enabling, then click on ‘Advanced Settings’

If SMTP Authentication is off, turn it on.  If it is already on, please move to next step.

STEP 2 - Enable Legacy SMTP

Log into your Microsoft Exchange Account with your admin credentials: https://admin.exchange.microsoft.com/

In the left menu, click on ‘Settings’.

Then click on ‘Mail flow’

Under ‘Security’, check the box next to ‘Turn on use of legacy TLS clients.’ 

Make sure the box for 'Turn off SMTP AUTH protocol for your organization' is unchecked.

If it is checked, uncheck it and click ‘Save’.  You can now close this tab.

STEP 3 - Enable MFA (Multi-Factor Authentication)

Log into your Outlook on the web: https://outlook.office.com/mail/inbox

Once signed in, go to: https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx

Next to the user you are working on, if it says ‘Disabled’ under the MULTI-FACTOR AUTH STATUS, click on the user and in the side window that appears on the right, click on ‘Enable’

Once it is Enabled, click on the user again, this time click on ‘Enforce’

Next, log into Outlook, or have that user log in - https://outlook.office.com/mail/inbox 

If you have not setup your Multi Factor authentication yet, there will now appear a prompt to setup your sign-in methods.  If you already have it setup for your account, move on to Step 4.

Setting Up Your Sign-In Methods

You can choose to use an Authenticator app, however, if you do not want to use an authenticator app, you can click on 'I want to use a different method' at the bottom.  We suggest using the 'Phone Number' option for this step.

Follow the prompts to setup that authentication method.

You will then need to setup a back-up method.  Again, if you do not want to use an authenticator app, click on 'I want to use a different method'.  If not using an authenticator app, for this step we suggest using 'Email'.  You will need to enter a different email address than the one you are setting up.

Follow the prompts to complete this step.

Next, Microsoft will ask you to setup an App Password, this is not one that can be used for your DJEP account, so name it anything you want.

Once finished, move on to Step 4.

STEP 4 - Creating an App Password for DJEP

Log in to the Additional Security Verification page with your Microsoft username and password for the user that is being setup: https://account.activedirectory.windowsazure.com/proofup.aspx

You can also get here by logging into https://myaccount.microsoft.com/ and clicking on ‘Security Info – UPDATE INFO’

In the Security Info screen, click on ‘Add sign-in method’ at the top of the table.

In the ‘Choose a method’ dropdown, select ‘App password’

Enter a name for this App password, it must be 8 characters in length.  The name is for your reference only so you know what you created the password for.

Click ‘Next’

DO NOT CLOSE THIS WINDOW – If you close it without copying the generated password, you will not be able to view it again and will need to create a new one.

It is suggested to copy this password and paste into a text file for later reference if needed.

STEP 5 – Setting up Outgoing Server in DJEP

Log into DJEP -> Setup -> Emails -> Settings

Click on the employee type you are working on to expand it.

Under the employee that is being setup, click on ’Setup’ or ‘Edit’ next to ‘Outgoing Server’

Enter the below credentials:

Username: YOUR FULL EMAIL ADDRESS
Password: THE COPIED PASSWORD THAT YOU JUST CREATED
Outgoing SMTP Server: smtp.office365.com
Outgoing Port Number: 587

Click on ‘Save Settings’

If you followed all of the steps above, you should receive a ‘Connected Successfully’ message.

If you receive an error message here, please repeat the above steps to ensure no steps were skipped. 

PLEASE NOTE:  

If you run an Outgoing Email Connection Test (Setup -> Email s-> Help/FAQ -> Outgoing Email Connection Test) You will still receive an error, this is how Microsoft has opted to let users know that they have updated their security measures, this should not affect email sending.

Once you have your outgoing server configured correctly in your DJEP account, it is advised to run a ‘Mail Deliverability Test’.

Log into DJEP -> Setup -> Emails -> Help/FAQ -> MAIL DELIVERABILITY TEST -> START THE TEST

This will provide you feedback on if there are any additional issues with SPF records, DKIM, DMARK, and Blacklists.

If you have errors found in the test, you will need to reach out to your email provider directly to resolve.

IMPORTANT:

If you change your Microsoft password, it will delete any app passwords you have created and you will need to repeat steps 4 and 5.